result = LDAP_OPERATIONS_ERROR;
errstr = talloc_asprintf(reply, "SASL: Failed to start authentication system: %s",
nt_errstr(status));
+ goto do_reply;
}
}
if (NT_STATUS_EQUAL(NT_STATUS_MORE_PROCESSING_REQUIRED, status)) {
result = LDAP_SASL_BIND_IN_PROGRESS;
errstr = NULL;
+ goto do_reply;
} else if (NT_STATUS_IS_OK(status)) {
struct ldapsrv_sasl_postprocess_context *context = NULL;
errstr = talloc_asprintf(reply,
"SASL:[%s]: Sign or Seal are not allowed if TLS is used",
req->creds.SASL.mechanism);
+ goto do_reply;
}
if (context && conn->sockets.sasl) {
errstr = talloc_asprintf(reply,
"SASL:[%s]: Sign or Seal are not allowed if SASL encryption has already been set up",
req->creds.SASL.mechanism);
+ goto do_reply;
}
if (context) {
errstr = talloc_asprintf(reply,
"SASL:[%s]: not allowed if TLS is used.",
req->creds.SASL.mechanism);
- break;
+ goto do_reply;
+
case LDAP_SERVER_REQUIRE_STRONG_AUTH_YES:
status = NT_STATUS_NETWORK_ACCESS_DENIED;
result = LDAP_STRONG_AUTH_REQUIRED;
errstr = talloc_asprintf(reply,
"SASL:[%s]: Sign or Seal are required.",
req->creds.SASL.mechanism);
- break;
+ goto do_reply;
}
}
errstr = talloc_asprintf(reply,
"SASL:[%s]: Failed to setup SASL socket: %s",
req->creds.SASL.mechanism, nt_errstr(status));
+ goto do_reply;
} else {
struct auth_session_info *old_session_info=NULL;
errstr = talloc_asprintf(reply,
"SASL:[%s]: Failed to get session info: %s",
req->creds.SASL.mechanism, nt_errstr(status));
+ goto do_reply;
} else {
talloc_unlink(conn, old_session_info);
"SASL:[%s]: Failed to advise samdb of new credentials: %s",
req->creds.SASL.mechanism,
nt_errstr(status));
+ goto do_reply;
}
}
}
}
talloc_unlink(conn, conn->gensec);
conn->gensec = NULL;
+ goto do_reply;
}
+do_reply:
resp->response.resultcode = result;
resp->response.dn = NULL;
resp->response.errormessage = errstr;